"There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult."

Monday, 25 October 2010

So you've split your apps into seperate app pools in IIS, which works well for app isolation on your web server and all is well until you start getting 403 HTTP status responses (with a substatus in the IIS logs of 18). This error is a result of your application running your application and the custom error page you've configured within different app pools.

The solution?

I'm afraid you're going to have to edit the registry!!! So back it up first then create a registry key with the name IgnoreAppPoolForCustomErrors, of type DWORD and value 1 under the HKLM\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\ folder.

Saturday, 23 October 2010

You'll get this error from the .Net framework when it detects potentially harmful content in a web request submission. Want to disable this validation? Read on...

For normal ASP.Net Web forms apps you can disable request validation by setting validateRequest=false in the page directive (top of your aspx page) or in the configuration section.

For ASP.Net MVC apps add the [ValidateInput(false)] attribute to the appropriate controller action.

Be careful when turning off this value as you are making your site vulnerable by accepting potentially harmful input. You should explicitly validate your input in your code if you disable the built in .Net request validation.

Wednesday, 20 October 2010

Here's a little snippet I use quite a lot in my test projects to read out an embedded resource text file as a string. The resourceName parameter is the full namespace of the resource, e.g. myproject.files.MyEmbeddedTextFile.txt

Monday, 27 September 2010

One of the projects I'm working on heavily uses a ReST API and performs a lot of XML processing. Recently we've had some serialisation errors when processing some of the XML, resulting in a .Net error throwing:

System.InvalidOperationException: There is an error in XML document (1, XXX). ---> System.Xml.XmlException: XXX, hexadecimal value XXX, is an invalid character.

You can encode a massive range of characters in XML documents, but there are some non-pritable/control characters that are not supported. Legal non-pritable/control characters include tab (xx09), carriage return (xx0D) and line feed (xx0A). For printable characters it's the legal characters of Unicode and ISO/IEC 10646.

Tuesday, 21 September 2010

The ASP.Net vulnerability that was announced prior to the EkoParty conference in Argentina last week, initially sounded a lot like a whole lot smoke and not much fire. I read the summary of the exploit and belittled it in a blog post, telling people not to panic. I did however decide to review the slides of the technique used to expose the vulnerability as it all sounded rather interesting. However, I wish I hadn't as it soon came to light that the vulnerability was more serious than previously thought. Microsoft agreed and released a security advisory.

What can the attack do?

The attack is relevant to all versions and flavours of ASP.Net and is able to decrypt ViewState data, not an issue as long as you don't store sensitive info in the ViewState - which you shouldn't!

The real issue arises if using ASP.Net 3.5 SP1 or above, the attacker could use this encryption vulnerability to request the contents of an arbitrary file within the ASP.Net application i.e. the web.config.

How the does it work?

The attack makes use of cryptographic oracles. An oracle in the context of cryptography is a system which provides hints as you ask it questions. ASP.Net acts as a padding oracle in this case. Allowing an attacker to send chosen cipher text to the server and learn if it was decrypted properly by examining which error code was returned by the server (and even time taken). If the attacker makes enough requests, they can learn enough to successfully decrypt the rest of the cipher text. The attacker can then alter the plain text and re-encrypt it as well.

Silence that Oracle!

By returning only one application error page no matter what the error effectively silences the oracle and the attacker can no longer gain the info they need to decrypt your encrypted site data. Not ideal in web apps,

Anything else?

Yeah actually! Any sensitive files on your server within your application should be encrypted. For example your connection strings or your username and passwords in your web.configs should be encrypted.

It soon became obvious that the article was a little bit sensationalist to say the least (see quote above). Basically the exploit is low-risk. You should only be worried if your applications aren't communicating over SSL and if you have put sensitive information in you ASP.Net application's cookies and are trusting the cookie data blindly. Sensitive data should all be stored server side - but you knew that anyway!

Needless to say, I've not wrote any code lately that checks for an SuperUser=true value in the cookie!!!

Monday, 16 August 2010

So all has been quiet on the blog front for a few weeks now, but I have a valid reason this time - honest!

I've been busy getting to grips with my new role at Esendex as 'Head of Applications Development'. Neadless to say I'm very busy at the moment with planning, coding (although not as much coding as I'd like) and improving the applications team's agility. At the moment the days are passing me by very quickly!

I've got lots of blog post ideas so as soon as I get round to it they'll be up. Expect more Asp.Net MVC, TDD and hopefully some BDD posts popping up very soon indeed :)

Thursday, 24 June 2010

I'm starting to make use of the new Areas feature in my MVC 2 applications. I've found it great for separating my applications into distinct sections rather than staring at a massive list of controllers/views all bundled into one folder. I came across an issue when I created a controller with the same name as a controller within a different or the default area:

Multiple types were found that match the controller named XXXXXXXX...

I thought it was a little cheap of Microsoft requiring you to give your controllers unique names across all areas. I was relieved to find out giving the same name within different areas is perfectly OK, you just need to specify the full namespace for the controller when setting up the route for it, like so:

Friday, 18 June 2010

After performing an upgrade to MVC 2 for a web application last week, I had a number of tests failing. This gave me an opportunity to refactor some controller tests and create a base class for my controller test classes. This new base class is straight forward and allows me to mock HttpRequestBase and HttpSessionStateBase easily on the mock ControllerContext - it also has an overload for mocking AJAX requests too. I expect this class to grow in time but it serves my needs for now:

Friday, 11 June 2010

Wondering if you should be upgrading to ASP.Net MVC 2? It is worth some serious thought as there's some powerful new features, the upgrade process is nice and simple, plus there aren't many breaking code changes. Why not take a peek at what's new in ASP.Net MVC 2 and I bet you'll see at least a handful of features that'll get you itching to upgrade ;)

If you decide to upgrade your web application then review the MVC 2 upgrade notes. They include instructions for upgrading manually or you can choose to use the upgrade tool. I've used the upgrade tool and it seems to work great for most people - but not me, I had two problems :( After the conversion completed I compiled my project and got an error:

It is an error to use a section registered as allowDefinition='MachineToApplication' ...

...I managed to fix this without pulling my hair out though. The only other issue I had was around 10% of my project tests suddenly started failing; a result of some change to the controller context processing (this resulted in me improving my controller tests by creating a base TestController). Again this was a nuisance rather than a show stopper - the upgrade was worth the effort :)

Thursday, 10 June 2010

Application pools allow you to configure one or more web applications to a worker process. An application pool is separated from other application pools by worker process boundaries. So what does this mean? ...An application in one application pool is not affected by problems caused by applications in other application pools. This along with sensible recycling of your application pools, results in your web server being more efficient and reliable.

By default IIS 6 dumps everything into one application pool. So as you add new web applications to your server you should consider logically grouping them into pools. Due to there being an overhead for each application pool it makes more sense to group the web applications into related pools rather than just create a pool for each web application.

Recycling Your Application Pools

To keep your sites working efficiently your should configure IIS to periodically recycle your application pools and recycle them when they become unstable (using too much memory/cpu etc). Recycling cleans up memory fragmentation, memory leaks, abandoned threads and other bits of unwanted clutter. Note that when an application pool recycles, ASP.Net session state information stored in-process is lost for that pool, however other pools are not affected. If this is a problem then you'll need to use another session state mechanism for your ASP.Net web applications.

Application Pool Recycling Events

It's important that you review why your application pools are being recycling. For example, if you have a pool recycling every 30 mins due to excessive memory use then you have an issue with that applcation's code and it needs looking at. Event logs for application pools are off by default, to enable them see this Microsoft KB article.

Security

When you configuring your application pools you can configure the identity of each worker process to run as a different user and should consider how to configure application pools for application security. For example, you might need to create separate application pools for applications that require a high level of security, while allowing applications that require a lower level of security to share the same application pool.

Convinced?

Hopefully with this post you can see the benefits of spending some time in setting up your application pools in IIS and you've made a step in the right direction for improving your web server's reliablility and efficiency :)

Wednesday, 9 June 2010

I've come across this problem a number of times now and it was beginning to annoy me. A few times when building projects on continuous integration servers and today when upgrading my MVC web app to MVC 2 I hit the following error:

It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level This error can be caused by a virtual directory not being configured as an application in IIS.

Everytime I failed to figure out what the problem was and instead I had to admit defeat and use a work-around :(

Well the error message is quite helpful for some people getting this error at runtime and tells them how to fix the problem - configure the web apps virtual directory to be an application. However, I'd been stumbling upon this delightful error when compiling projects - not at runtime!

Luckily I had a light bulb moment... the compiler was not referring to my main web.config for the application, but instead was moaning about a web.config within a sub directory of my application (a backup of the project). Deleting the backup sub directory solved my problems!

Tuesday, 8 June 2010

There are way too many yellow screens of death out there on the net for my liking. But rather than trying to bullet proof your MVC web apps by putting try catch blocks in all your MVC actions to handle unexpected exceptions, there is a far easier way to do it and it keeps your code nice and DRY - see my code snippet below:

I override the OnException method within a base controller for my other controllers to inherit from. Any unhandled exceptions in my action methods will hit this and I can gracefully log the exceptions and send the user to a helpful error view (as long as customErrors for the app are set to true) - it's worth noting I also set an appropriate HTTP status code :)

Thursday, 27 May 2010

It's hard to believe but you can't do multiline comments in Powershell for some reason! Shame on you Microsoft! Here is a bit of a hack to allow you to right comments over multiple lines using a multiline string declaration:

@'
This is a hack so
you can do a multiline
comment in powershell
'@ > $null

Points to note...

The closing '@ has to be in column 0

No whitespace allowed after the opening @'

Redirect the output (or cast to [void]) unless you want to
see it on the console or in a log file

Wednesday, 26 May 2010

Most web developers are aware of the IE alpha transparency problems with PNG images; or will be before long. A lot of developers use GIF images rather than the superior PNG format for this reason; which is a shame.

Friday, 30 April 2010

Had an issue on one of my virtual servers which wouldn't process any ASP.Net documents (aspx, asmx etc), but would just return a 404. However, it would happily return other resources such as htm, txt, css. There was no web application logging, no logs in event viewer I had nothing to go on, until I remembered I hadn't checked my IIS logs.

The logs showed requests for the ASP.Net documents and that a 404 was being returned. This part wasn't helpful but the logs also provide a sub status code which was 2:

Knowing this and with the power of Google I resolved the issue in less than a minute. Just open the IIS6 interface, select the Web Service Extensions menu node, on the right you will see the web service extensions available - just select the ASP.Net extension and click the allow button.

Unless a user is on an internal network, there is no way server-side (I know of) to retrieve the mac address of a user accessing a web page, simply because it isn't sent in the http headers for a request. Any attempt to analyze the underlying network communications server side is pointless as it will just return the MAC address for the last routing machine. However, it is possible to retrieve the mac address of the user simply using client-side Javascript in IE.

<html>
<head>
</head>
<body>

MAC Address

</body>
</html>

Once you've accessed the WMI and got the MAC address you can even send the value server-side if necessary.

Implications: You are connecting to the WMI (Windows Management Instrumentation) for the local machine and therefore you may have a problem if your IE security settings are restrictive. Also, this won't work in non-IE browsers; only works for Windows operating systems. Not all that restrictive then?! ;)

Troubleshooting: If you get an 'automation server can't create object' error when running the script it is probably for one of the reasons below.

You need to enable 'Initialize and script ActiveX controls not marked as safe' on the security tab -> custom level options in IE

WMI isn't installed correctly

WMI isn't installed

Some other permission issue. Are you an administrator? If on Windows 2000 server, have you installed sp4?

P.S. Another plausible option is to use an ActiveX control in connecting to WMI.

Login failed for user 'username'. The user is not associated with a trusted SQL Server connection.

This is a common error when setting up SQL Server instances from scratch and takes just 30 secs to fix.

Basically the SQL server instance you are conecting to has been configured to operate in Windows Authentication Mode and doesn't allow the use of SQL accounts. So change the Authentication Mode of the SQL server from Windows Authentication Mode to Mixed Mode (Windows Authentication and SQL Server Authentication). To do this right click your SQL Server instance in Enterprise Manager/Management Studio, select security and you should see the option in there. Hope you didn't waste as much time as I did on this :)

Email newsletters are common place for advertising products, services and events. Considering its uses, it is easy to understand why
HTML newsletters are king; who wants to send plain text emails when we can send fancy text and graphics?! Unfortunately there are a lot of email clients out there wanting the HTML in a particular manner. Below are some simple tips to get you started with your HTML email newsletter creation.

1. Tables for layout not CSS... Unfortunately, there are alot of email clients that were developed in the last ice age still being used. This means CSS is
poorly and wildly interpreted in terms of displaying your newsletter's layout. It's back to tables for cross email application consistency.

2. Inline styles... Although CSS shouldn't be used for layout, it is fine to use simple CSS styling for the content of the email newsletter. Some email clients can
strip out HTML head styles, so put the <styles section in the body tag, or even better, put the css styles inline.

<p style="color: red;">

3. Javascript... Put simply, no JavaScript allowed! Most email clients will just strip it out.

4. Test, test and test... First test the design in Chrome, Firefox and IE, chances are if it works in these then you should have a consistent design across the web email clients and most app email clients. Finally test with as many email applications as possible (outlook, outlook express, thunderbird, lotus notes etc).

Using the above tips you should achieve a fairly consistent viewing experience of your newsletter for recipients. If you are having consistency issues the links below may help.

Wednesday, 21 April 2010

A big problem with ASP.Net MVC views is the amount of inline code you put in your views that could potentially result in errors that aren't apparent until runtime. Microsoft did spot this as a problem and kindly introduced a way of checking your views for compilation errors when you compile your source, here's how to enable the feature:

Open up your project file for editing either in Visual Studio by right clicking the project file and choosing 'Edit Project File' or just use your favourite text editor. At the top of the project file you'll see a PropertyGroup XML element with a child element of MvcBuildViews, change the value of this to true...

true

This results in a build event at the bottom of your project file getting called...

That's it! You now are that little bit more confident in your deploys :)

Further Points

Increase in Build Time and How to Avoid

This will add an overhead to your builds, so depending on the size of your MVC project this could extend your build time substantially. However, thanks to a discussion with some other team members at Esendex (Alex and Jon) there is a way of avoiding the overhead the majority of the time. Create a new project configuration in Visual Studio, called something like Debug with Views Compilation. This will add a new PropertyGroup section in your project file for this configuration. Set the MvcBuildViews element to true in this new section. Remember to ensure the default section value for MvcBuildViews is false but set the release section value to true.

falsetruetrue

Quite useful if you are working within your MVC app and not changing the views at all.

Problems with Non-Standard Project Builds

If you are building a standard MVC project on a developer machine then everything should work fine. If your MVC project isn't standard you may find you have to play with the PhysicalPath part of the AspNetCompiler. To get our CI build machine building this project I had to change the PhysicalPath value to $(WebProjectOutputDir), this value is passed in as a parameter when calling the build on your project.

Monday, 19 April 2010

Given my new dev machine runs Windows XP x64 (64 bit OS), I've been considering the implications of compiling the assemblies and executables for different target CPUs.

First of all, no matter what target CPU you select, the .Net compiler STILL compiles the source to the Common Intermidate Language (CIL). The executable or assembly being compiled is only affected by this setting to set the platform status information on the assembly’s Common Language Runtime (CLR) header. The CIL is only turned into native code by the CLR at runtime using the Just-in-time (JIT) compiler.

Now here's the important bits, so pay attention...

32 Bit Machine

Any-CPU executable will run as a 32 bit process, can load Any-CPU.dll and x86.dll but will get BadImageFormatException if it tries to load x64.dll.

x86 executable will run as a 32 bit process. It can load Any-CPU.dll and x86.dll but will get BadImageFormatException if it tries to load x64.dll.

x64 executable will not load. The framework will throw a BadImageFormatException if ran.

64 Bit Machine

Any-CPU executable will run as a 64 bit process. It can load Any-CPU.dll and x64.dll but will get BadImageFormatException if it tries to load x86.dll.

x86 executable will run as a 32 bit process (WOW64). It can load Any-CPU.dll and x86.dll but x64.dll will not load, the framework will throw a BadImageFormatException.

x64 executable will run as a 64 bit process. It can load Any-CPU.dll and x64.dll but x86.dll will not load, the framework will throw a BadImageFormatException.

Rule of thumb is... by limiting the CPU target at compilation you would be saying there is something being used by the assembly (something likely unmanaged) that requires 32 bits or 64 bits.

The web development tool I use most. It keeps me sane when debugging strange web site behavior. Use it for inspecting markup for elements, css, modifying it in real-time, debugging javascript, analysing network usage and a whole lot more.

Adds a menu and toolbar to Firefox with lots of handy web developer tools, e.g. a link validator, a html validator, a 'small screen rendering' option for simulating mobile browsing and a bunch of other things too.

Tuesday, 13 April 2010

The aspnet_client directory holds important javascript files used by ASP.Net sites for client side validation on web form controls. Although the directory isn't required for an ASP.Net site to run, it will affect behaviour of certain controls with client side validation enabled, so removing the directory should be avoided (unless you know what you are doing).

If you've removed it by mistake you can regenerate it by reinstalling the ASP.Net site using:

Friday, 9 April 2010

I'm not always a morning person, so when the morning stand-up meeting becomes extended I get a little frustrated.

To me the daily stand-up should take place every morning, within an hour but not first-thing (this gives people a chance to gather their thoughts/make coffee and wake-up). The meeting itself should be kicked off by the last person to attend, it should involve us standing in our project teams and involve us going around each team in turn. One member from each team have 3 questions to answer:

What have you done since yesterday? "Yesterday we did X"

What are you planning to do today? "Today we plan to do Y"

Do you have any problems preventing you from accomplishing your goal? "We currently have no problems" - (hopefully)

The stand-up is great for a brief update on what is happening in the team and the 3 questions should be answered clearly and concisely within 60 secs (no room for waffle and unnecessary details). The stand-up is also great for people to make commitments. So if a team says "Today we plan to complete X" ... the development team will be expecting that that team tomorrow to say "Yesterday we completed X" – it helps people realise commitments.

How to know when your stand-up ceases to be (a stand-up)...

The three questions aren't answered concisely and it takes > 60 secs

There is a discussion between two people resulting in ‘spectators’

People start losing interest and start staring out the window

Someone sits down ;)

These things ruin stand-ups, the rhythm that's supposed to be associated with it and an extended stand-up is detrimental to its purpose!

Thursday, 8 April 2010

Internet Information Services (IIS) 6.0 supports both the 32-bit mode and the 64-bit mode (as long as your OS is 64-bit too!). However IIS 6.0 does not support running both modes at the same time.

ASP.NET 1.1 runs only in 32-bit mode (but who's still using this?!)

ASP.NET 2.0 (and up) runs in 32-bit mode or in 64-bit mode

To run ASP.NET 1.1 and ASP.NET 2.0 web applications at the same time, you're stuck with IIS in 32-bit mode unfortunately

So here's how I setup IIS and ASP.Net to run in 64-bit mode:

Go to command prompt

Disable the 32-bit mode in IIS using the command line argument:
cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0

Install the 64-bit version of ASP.NET 2.0 on IIS using the command line argument:
%SYSTEMROOT%\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -i

Make sure that the status of ASP.NET version 2.0.50727 is set to Allowed in the Web service extension list in IIS Manager. If you had been using ASP.Net in 32-bit mode before, you may need to Prohibit that version ASP.NET version 2.0.50727 (32 bit) first.

The ASP.NET SQL Server Registration tool is used to create a Microsoft SQL Server database for use by the SQL Server providers in ASP.NET, or to add or remove options from an existing database. The tool can be found @ Windows\Microsoft.NET\Framework\VERSION\aspnet_regsql.exe.

Run the executable without arguments to load the wizard, then use the wizard to create or modify database elements for the membership, role management, profile, web parts personalization, and health monitoring features.

SQL Session State (ASPState)

ASP.Net Session State supports several different storage options for session data. To make use of SQL Server Session State you'll need to create the ASPState database on your SQL server instance; but this database isn't created by the aspnet_regsql wizard. Instead you'll need to run the executable with additional arguments. Use MSDN for a full list of arguments available, below is the minimum you'll need to get it installed.

Wednesday, 7 April 2010

Ran into an issue on my newish Windows XP x64 dev machine today; my public queues were missing completely from Message Queuing! The dev team have all got new installs from the same image and I'm the only one with the problem; so I'm not sure what I've done :/

So I did some digging... Message Queuing integrates with active directory but due to an orphaned object my message queuing went into workgroup mode. There is this article on the Microsoft site that may help, but I solved the issue by uninstalling and re-installing Message Queuing.

Tuesday, 6 April 2010

Setting up IIS to send all requests to ASP.Net (e.g. for a HttpHandler for a ReST service or for an ASP.Net MVC web app) is straight forward with .Net and IIS.

1) First ensure that your web application can handle all requests

This is already done for you in an ASP.Net MVC web app. But if you are creating a custom HttpHandler to handle all requests you'll need to go to the httpHandlers section of your web.config file add a reference to your HttpHandler for all HTTP verbs and extensions:

2) Setup IIS to route all request to your handler

a) IIS 5/5.1 (Win XP)

In new window's executable field Browse to the ASP.Net ISAPI dll (usually something like C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll)

In the Extension field type .*

Untick the Check that file exists box and click OK

N.B. There is a bug that if your OK button is not active you need to click the executable field text box, you should see the middle section of the text in the box change from /.../ to the full file path this should now make the OK button active.

b) IIS 6 (XP x64 & Windows Server 2003)

Open the website properties in IIS

Select the Home tab

Click the Configuration button

In new window select the Mappings tab

Insert an entry in to the Wildcard application maps with the ASP.Net ISAPI dll (usually something like C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll)

Untick the check that file exists box and click OK

You should now see all requests being handle via your handler. If you are having issues, you may want to look at your IIS logs - but where are my IIS logs?. Good luck!

This is a common error with new developer/server installs, where IIS (5 & 6) won't process any ASP.Net documents (aspx, asmx etc), but just return a 404. However, it would happily return other files such as htm, txt, css. Typically you won't get any application or event viewer logging, but just the often forgotten and rarely used IIS logs (see my article on Where Are My IIS logs? to find yours :)

The IIS logs show the requests for the ASP.Net documents and record a response status of 404 being returned. This part clearly isn't helpful, but the logs also provide a sub status code which were 2:

With the power of Google I managed to resolve the issue in less than a minute. Just open the IIS interface, select the Web Service Extensions menu node, on the right you will see the web service extensions available - just select the ASP.Net extension and click the allow button.

Although you may have bucket loads of logging taking place in your web applications/sites, the IIS logs can be helpful in certain circumstances. Use the following steps to track down these tucked-away log files:

Open Internet Information Services (IIS)

Right-click the desired web site and select properties

On the Web Site tab, at the bottom is the Active Log Format; select the properties button next to it

You'll now have a box that contains the log file directory and the log file name. Together they make the full log path.

In this window you can also change useful settings like what request/response details are recorded in the logs. Some useful options not selected by default are bytes sent, bytes received and referrer (useful for tracking 404s in certain cases).

Extracting useful info from these log files is another blog post all together ;)

Wednesday, 31 March 2010

Some developers seem to be against testing private methods, that if you need to test private methods there is a design issue. I don't think I agree in all cases and extracting some method logic into another method for further testing seems valid to me. Having to make that method public (against it's design) just for testing purposes doesn't sit right, so I test private methods using the PrivateObject class found in the Visual Studio TestTools library...

Just had a mild heart attack... I couldn't find a download for Powershell V2 for Windows XP x64 OS! But turns out XP x64 is half XP - half Server 2003! So I've downloaded the Windows Server 2003 x64 install and it works fine!

Lots of talk regarding the .LESS (pronounced dot-less) library has prompted me to finally get around to incorporating it within one of my projects - and I'm impressed. .LESS extends on CSS, making your CSS dynamic. It allows you to work with your CSS more easily and without needing to repeat yourself by way of 4 powerful language enhancements:

Variables

Variables specify widely used values in one place such as site colours.

Nested Rules

How does .LESS work?

These language enhancements are parsed and converted to valid CSS on the fly, or can be pre-compiled. It's amazingly easily to start working with and the homepage has all the info you'll probably ever need on .LESS - it really is that simple :)

Performance?

.LESS removes comments by default and has built in support for minification and caching via the optional config values. Although if you are serious about performance I'd suggest using .LESS to compile your .LESS files to .css during the build and leave the caching and compression to IIS.

Gotchas to avoid...

Visual Studio 2008 won't know what type of file a .LESS file is, which means it opens it as a plain text file. There is a .LESS Visual Studio Integration Pack (if it asks you to login then click 'login as guest') that I recommend you getting so you have syntax highlighting at least - but I'm afraid intellisense won't be able to help you here.

Remember to make sure IIS is setup to forward .LESS resource requests to the ASP.Net engine (if you are working on MVC apps then it will by default).

Visual Studio won't set a build action on .LESS files, so remember to set build action to 'content' or the files won't be deployed.

As .LESS parses the file I noticed it fell over (didn't process the rest of the CSS file) on this particular CSS hack "border:none!important;" so you may need to rethink your hacks if .LESS doesn't like it.

Monday, 29 March 2010

I often forget to comment my check-ins and I'm getting fed up with having a big sign stuck to my monitor saying "Comment Your Check-Ins!". So I've decided to make use of Team Foundation Server Power Tools to enforce a custom check-in policy to ensure everyone checks in comments with their changesets.

Other useful features of the add-on include the ability to enforce a 'testing policy' to ensure tests are run before check-in and an alert editor for enabling subscriptions to events (e.g. failed builds) in Team Foundation Server. A very useful add-on indeed :)

Thursday, 4 March 2010

Here are some easy-to-use functions for zipping up a directory and unzipping using Powershell. The functions use the opensource SharpZipLib library, a Zip, GZip, Tar and BZip2 library written entirely in C# for the .NET platform. So you'll need to download this and reference the SharpZipLib assembly in the appropriate place in the functions below.

Go to the Powershell website and download PowerShell. It isn't that obvious but it's part of the Windows Management Framework download. First time you run scripts you'll need to remove the restricted execution policy by running Powershell from the command line and running the command:

set-executionpolicy remotesigned

There is a bundled editor in the Powershell download but I use PowerShell GUI, it's quite a nice editor and has intellisense :)

So I've developed my web application in firefox, all seems to be working fine but before I check-in I quickly check the application in the other major browsers; they all work great. All work great APART from IE!

In IE it turns out that the jQuery .html() attribute won't replace contents of first matched element unless the new HTML is valid (i.e. opening and closing tags match). Guess I can't complain with IE not liking the HTML I'm giving it when its imperfect. If only IE practiced what it preached! :)

// This fails in IE...
$('#someDivID').html("<div id='newDivID'><p>hello world</p></div></div>");
// This works in IE...
$('#someDivID').html("

Wednesday, 17 February 2010

If you use resx files for something like translations in your web apps, you'll notice problems when unit testing as your web app won't be running in its natural state and those resources won't be loaded as normal. Typically you'll get the error...

Could not load file or assembly App_GlobalResources

I'm yet to find a decent solution for this problem but here's how I currently get around it in MVC apps. Here I'm replacing my dependency on Strings.resx in App_GlobalResources.

First thing to do is to create a ResourceManager property and make use of this instance within the class you're testing. Now whenever you need to make use of the resource you have to replace the normal syntax of Strings.FieldYouWant with StringsResource.GetString("FieldYouWant") as shown in the method MethodBeingTested().

In your test project you'll need to create a Strings.resx mirrored source file and make use of this when testing MyController class. Do this by instantiating with a resource from the calling test assembly...

Tuesday, 16 February 2010

Google Analytics is THE way to record and analyse everything about the traffic on your site. Whilst it's real easy to setup you need to change the default behaviour if you want to record javascript events and AJAX navigation changes; this is how to do exactly that.

Analytics requires two things to work. You need the Analytics resource on the client...

...it's the pageTracker._trackPageview(); part that sends the data to Google Analytics. Without parameters the current URL is sent. However, you can override the default behaviour and pass the URL as an argument.

I don't want to pick on IE again (it has been less than 24 hours since my last post about IE), but I'm afraid I have to. I've been working on a new project recently that makes use of AJAX. I usually develop in Firefox and then fix all my IE problems afterwards. This time however one of my AJAX areas of the site seemed to rarely update in IE (if at all), other browsers were fine.

After some playing around I came to the conclusion that IE was caching my AJAX requests. You could argue that IE is right to cache the requests, as the HTTP spec states that GET requests should be cached. But given the browser knows a XMLHttpRequest is being made the caching is completely uneccessary/unwanted. Once I knew the problem the fix was easy. I just needed to append something random to the request URI, a number or timestamp for example.

So instead of requests to /Resource, just use /Resource?ie={random}. It's fairly straight forward to generate a random number in Javascript:

// Random number between 0 and 100
Math.floor(Math.random()*101);

Realising that I wouldn't be alone in tackling the issue I found people used similar tactics to get around the problem. Another neat way is to change the request to be a POST.

IE6 we haven't been friends for a while now. We haven't been able to sit at the same desk for some time, around seven years without an argument starting.

Needless to say I am not in the least bit sad to hear you are finally being ousted by your makers; Microsoft are trying to get the heavily used browser's users to upgrade. Although web savvy users have updated their browser, Microsoft is targeting the tough cookies and touting its own IE 8 as a better alternative.

Tuesday, 26 January 2010

I used SyntaxHighlighter before on my last blog and it is perfect for putting snippets of code up with your blog posts. Looks like its come on a treat too and even offers hosted source files for those of us without access to file hosting (and those of us too lazy). Would like to see them using a CDN for the hosted files though - maybe the Amazon S3 service.

So I’d gone and done it. Finally created a new blog on the impressive tumblr platform. But soon ran into problems when I wanted archive and category features on the micro blogging platform. Not even the new kid on the block Posterious had all the features I needed. So I decided to come back on Blogger and give it another chance. After all it's quick, customisable and has all the features I need right now.

So why start a new blog anyway?… Well my last blog was getting around 3000 hits a month before I stopped posting entries around 18 months ago and its still getting 2000 now. I found posting little snippets for getting around bugs and problems I had stumbled across were not just good for me to record for future reference, but the blog posts that people found most useful.

Every developer uses the net to find solutions for the problems they come across and this blog is my contribution to the developer communities; hope you find something useful :)